<?php
include_once('include/top.php');

$action=fs_get_value("do");
switch($action)
{
	case    "add"       :   add()       ;   break;
	case    "do_add"    :   do_add()    ;   break;
	case    "do_edit"   :   do_edit()   ;   break;
	case    "delete"    :   do_delete()    ;   break;
	default				:	main()		;	break;
}

?>
<script src="./js/Main.js"></script>
<?php
function main(){
    global $db;
	$sql = "select * from nettteach_member where passport = '".$_SESSION['admin']."' and type='0'";
	$a_result = $db -> query($sql);
	$a_row = $db -> fetch_array($a_result);
?>	
<script>
function check()
{
	if (document.editform.old_password.value == '')
	{
		alert("请输入原密码！");
		return false;
	}
	if (document.editform.new_password.value == '')
	{
		alert("请输入新密码！");
		return false;
	}
	if (document.editform.true_password.value == '')
	{
		alert("请输入确认密码！");
		return false;
	}
	if (document.editform.new_password.value != document.editform.true_password.value)
	{
		alert("两次密码不一致！");
		return false;
	}
}
</script>
<table width="100%" border="0" cellpadding="0" cellspacing="0" class="CContent">
		<tr>
		    <th class="CTitle">修改密码</th>
		</tr>	
		<tr>
			<td class="CPanel"><a href="?" class="lj">修改密码</a> | <a href="?do=add" class="lj">增加管理员</a> | <a href="?do=delete&pp=<?php echo($_SESSION['admin']);?>" class="" onclick="return confirm('你确定注销自己吗？注销后将不能再使用此账号登陆。')">注销自己</a></td>
		</tr>
		<tr>
			<td>
			<form name="editform" method="post" action="?do=do_edit&id=<?php echo($a_row['id']);?>">
			<fieldset>
				<legend>修改密码</legend>
				<div style="text-align:left;">
					<table border="0" cellpadding="2" cellspacing="1">
						<tr>
							<td height="30" width="100"><div align="right">用户名：</div></td>
							<td><?php echo($a_row['passport']);?></td>
						</tr>
						<tr>
							<td height="30"><div align="right">原密码：</div></td>
							<td><input type="password" name="old_password" value="" style="width:180px;" /></td>
						</tr>
						<tr>
							<td height="30"><div align="right">新密码：</div></td>
							<td><input type="password" name="new_password" value="" style="width:180px;" /></td>
						</tr>
						<tr>
							<td height="30"><div align="right">确认新密码：</div></td>
							<td><input type="password" name="true_password" value="" style="width:180px;" /></td>
						</tr>
						<tr>
							<td height="30"></td>
							<td><div class="submit" align="center" style="width:60%; height:30px; line-height:30px;">
							<input type="hidden" name="password" value="<?php echo($a_row['password']);?>" />
							<input type="submit" name="submit" value="确定修改" onclick="return check()"/></div></td>
						</tr>
					</table>
				</div>
			</fieldset>
			</form>
			</td>
		</tr>
	</table>
<?php
}
function do_edit(){
    global $db;
	$id = fs_get_value("id");
        $old_password = fs_get_value("old_password");
        $password = fs_get_value("new_password");
        $sql = "select * from nettteach_member where id =".$id;
        $result = $db -> query($sql);
        $row = mysql_fetch_array($result);
        if($row['password'] != md5($old_password)){
                fs_showmsg("旧密码输入不正确！");
        }else
        {
                $sql = "update nettteach_member set password = '". md5($password)."' where id = ".$id;
                $db -> query($sql);
                fs_showmsg("修改成功！");
        }
        
        
        
//	$old_passowrd = intval(fs_get_value("old_password"));
//        
//	$password = fs_get_value("new_password");
//	$true_password = fs_get_value("true_password");
//	$sql = "select * from nettteach_admin where uid = ".$id;
//	$main_result = $db -> query($sql);
//	$main_row = intval($db -> fetch_array($main_result));
//	if($old_password == $main_row['pw']){
//		if($password == $true_password){
//			$sql = "update nettteach_admin set pw = '". md5($password)."' where uid = ".$id;
//			$db -> query($sql);
//			fs_showmsg("修改成功！");
//		}
//		else{
//			fs_showmsg("两次密码输入不一致！");
//		}
//	}
//	else{
//		fs_showmsg("旧密码输入不正确！");
//	}
}
?>

<?php

function add(){
?>	
<script>
function checkadd()
{
	if (document.addform.un.value == '')
	{
		alert("请输入用户名！");
		return false;
	}
	if (document.addform.new_password.value == '')
	{
		alert("请输入新密码！");
		return false;
	}
	if (document.addform.true_password.value == '')
	{
		alert("请输入确认密码！");
		return false;
	}
	if (document.addform.new_password.value != document.editform.true_password.value)
	{
		alert("两次密码不一致！");
		return false;
	}
}
</script>
<table width="100%" border="0" cellpadding="0" cellspacing="0" class="CContent">
		<tr>
		    <th class="CTitle">增加管理员</th>
		</tr>	
		<tr>
			<td class="CPanel"><a href="?" class="lj">修改密码</a> | <a href="?do=add" class="lj">增加管理员</a> | <a href="?do=delete&pp=<?php echo($_SESSION['admin']);?>" class="" onclick="return confirm('你确定注销自己吗？注销后将不能再使用此账号登陆。')">注销自己</a></td>
		</tr>
		<tr>
			<td>
			<form name="addform" method="post" action="?do=do_add&id=<?php echo($a_row['id']);?>">
			<fieldset>
				<legend>增加管理员</legend>
				<div style="text-align:left;">
					<table border="0" cellpadding="2" cellspacing="1">
						<tr>
							<td height="30" width="100"><div align="right">用户名：</div></td>
							<td><input type="text" name="un" value="" style="width:180px;" /></td>
						</tr>
						<tr>
							<td height="30"><div align="right">新密码：</div></td>
							<td><input type="password" name="new_password" value="" style="width:180px;" /></td>
						</tr>
						<tr>
							<td height="30"><div align="right">确认新密码：</div></td>
							<td><input type="password" name="true_password" value="" style="width:180px;" /></td>
						</tr>
						<tr>
							<td height="30"></td>
							<td><div class="submit" align="center" style="width:60%; height:30px; line-height:30px;">
							<input type="submit" name="submit" value="确定增加" onclick="return checkadd()"/></div></td>
						</tr>
					</table>
				</div>
			</fieldset>
			</form>
			</td>
		</tr>
	</table>
<?php
}
function do_add(){
    global $db;
	$pp = fs_get_value("un");
	$new_password = trim(fs_get_value("new_password"));
	$true_password = trim(fs_get_value("true_password"));
       // echo $true_password.'<br />'.$new_password;exit();
	if($pp != '' && $new_password == $true_password){
		$sql = "select * from nettteach_member where passport = '".$pp."'";
		$a_result = $db -> query($sql);
		if($db -> num_rows($a_result) == 0){
			$sql = "insert into nettteach_member (passport,password,type) value ('".$pp."','".md5($new_password)."','0')";
			$db -> query($sql);
			fs_showmsg("添加成功！");
		}
		else{
			fs_showmsg("该用户名已存在，请重新输入！");
		}
	}
}
?>
<?php
function do_delete(){
    global $db;
	$sql = "delete from nettteach_member where passport = '".fs_get_value("pp")."'";
	$db -> query($sql);
	session_unset($_SESSION['admin']);
	fs_showmsg("您已注销自己的账号！","index.php");
}
?>